Static code analyzers
angr (binary analysis framework)
Angr is a security tool written in Python to allow analyzing binaries. It provides a combination of static and dynamic analysis.
Bandit (Python static code analyzer)
Bandit is an AST-based static analyzer for analyzing Python code. It helps with finding code flaws that could lead to security vulnerabilities.
graudit (static code analysis tool)
Graudit is a security tool to perform static code analysis by using the grep tool. It is a lightweight solution to find common issues in code.
yasca (source code analysis)
Yasca is a tool to perform code analysis and linting. It can be used by developers and security professionals to evaluate the code quality.